attempt at verifying follow requests

author: Julio Capote <jcapote@gmail.com> 2023-01-04 14:33:15 +0000
committer: Julio Capote <jcapote@gmail.com> 2023-01-04 14:33:15 +0000
commit: 55b5ea190b2cc7a355fb4fe939f296b8970374e0 (patch)
tree: cfbedce0f7e90b89be5407e69789eb91bab57c40 /registry
parent: e92d23b4e3e065fe7e0ce87b5045dd7199ff0c0c (diff)
download: communique-55b5ea190b2cc7a355fb4fe939f296b8970374e0.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/registry/registry.go b/registry/registry.go
index 5b912b1..7cdc5dd 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -194,12 +194,11 @@ func (r *Registry) Inbox(name string, req *http.Request) error {
 		person = p
 		return nil
 	}, func(c context.Context, note vocab.ActivityStreamsNote) error {
-		// We can treat the type differently.
+		//TODO not needed, need to figure out how to only pass one func
 		return nil
 	})
 
 	ctx := context.Background()
-	// Pass in a vocab.Type instead of map[string]interface{}.
 	err = resolver.Resolve(ctx, keyPageData)
 
 	pubKeyProp := person.GetW3IDSecurityV1PublicKey()
@@ -209,7 +208,12 @@ func (r *Registry) Inbox(name string, req *http.Request) error {
 	pem := pemProp.Get()
 	logger.With("keyId", keyId).With("pem", pem).Debugf("extracted pem")
 
-	return nil
+	decodedKey, err := x509.ParsePKCS1PublicKey([]byte(pem))
+	if err != nil {
+		return err
+	}
+	algo := httpsig.RSA_SHA256
+	return verifier.Verify(decodedKey, algo)
 }
 
 func (r *Registry) ActivityOrNote(activityOrNote, name, id string) (map[string]interface{}, error) {
author	Julio Capote <jcapote@gmail.com>	2023-01-04 14:33:15 +0000
committer	Julio Capote <jcapote@gmail.com>	2023-01-04 14:33:15 +0000
commit	55b5ea190b2cc7a355fb4fe939f296b8970374e0 (patch)
tree	cfbedce0f7e90b89be5407e69789eb91bab57c40 /registry
parent	e92d23b4e3e065fe7e0ce87b5045dd7199ff0c0c (diff)
download	communique-55b5ea190b2cc7a355fb4fe939f296b8970374e0.tar.gz